Categories

Meta

fail2ban 0.9

With the recent release of fail2ban 0.9 there are very important improvements to the journal and firewalld integration. With these simple configurations, I get fail2ban working in Fedora 20 without a syslog daemon and avoiding being DOSed by a local user.

/etc/fail2ban/fail2ban.local

[Definition]
loglevel = INFO
logtarget = SYSLOG

In /etc/fail2ban/jail.local we set the backend to systemd, so we monitor directly the journal, we also choose as default action firewallcmd-ipset, so the rules are inserted with firewall-cmd and use the ipset facility. Finally, all the jails needed are enabled.